This is a note to let you know that I've just added the patch titled
s390/pkey: Wipe sensitive data on failure
to the 5.4-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
s390-pkey-wipe-sensitive-data-on-failure.patch
and it can be found in the queue-5.4 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.
commit a27d936c7defd044766004a1233a500abb53af95
Author: Holger Dengler <dengler@xxxxxxxxxxxxx>
Date: Tue May 7 17:03:18 2024 +0200
s390/pkey: Wipe sensitive data on failure
[ Upstream commit 1d8c270de5eb74245d72325d285894a577a945d9 ]
Wipe sensitive data from stack also if the copy_to_user() fails.
Suggested-by: Heiko Carstens <hca@xxxxxxxxxxxxx>
Reviewed-by: Harald Freudenberger <freude@xxxxxxxxxxxxx>
Reviewed-by: Ingo Franzki <ifranzki@xxxxxxxxxxxxx>
Acked-by: Heiko Carstens <hca@xxxxxxxxxxxxx>
Signed-off-by: Holger Dengler <dengler@xxxxxxxxxxxxx>
Signed-off-by: Alexander Gordeev <agordeev@xxxxxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
diff --git a/drivers/s390/crypto/pkey_api.c b/drivers/s390/crypto/pkey_api.c
index 0658aa5030c6f..ca090fdec5f2d 100644
--- a/drivers/s390/crypto/pkey_api.c
+++ b/drivers/s390/crypto/pkey_api.c
@@ -784,7 +784,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
if (rc)
break;
if (copy_to_user(ucs, &kcs, sizeof(kcs)))
- return -EFAULT;
+ rc = -EFAULT;
memzero_explicit(&kcs, sizeof(kcs));
break;
}
@@ -816,7 +816,7 @@ static long pkey_unlocked_ioctl(struct file *filp, unsigned int cmd,
if (rc)
break;
if (copy_to_user(ucp, &kcp, sizeof(kcp)))
- return -EFAULT;
+ rc = -EFAULT;
memzero_explicit(&kcp, sizeof(kcp));
break;
}
